A slew of Firefox users has fallen victim to a bogus add-on that was masquerading as a legitimate extension of a cryptocurrency hardware wallet called SafePal, Bleeping Computer reports.
One of the victims, who goes by the name of Cali, was shocked to discover that all of the funds went into the hands of scammers:
I was deep in shock...I saw my last transactions and saw that [$4,000 of my funds] were transferred to another wallet. I could not believe it [was an] add-on that is deployed in the add-on list of Mozilla Firefox.
'Rich Dad Poor Dad' Author Says Only Bitcoin Can Survive in Upcoming Great Depression'Back to Business': Ripple Reacts to Conclusion of Legal Battle with SECXRP Bullrun After $3.26 Breakthrough? Bitcoin (BTC) $115,000 Breakout Secured, Solana (SOL): 84% Volatility Explosion?Bollinger Issues Bitcoin Warning, Ethereum is Superior, Says Fundstrat's Tom Lee, Coinbase Adds 21 New Cryptocurrencies – Crypto News Digest
It is unclear how many other Firefox users were deprived of their funds after downloading the malicious extension. The add-on was operational since mid-February before it was removed just recently.
A bunch of negative reviews from disgruntled users should have been a warning sign.
The user who was scammed by bad actors claims that the police are not capable of tracing the hacker.
Potential victims are tricked into entering their recovery phrases, making it extremely easy for hackers to pilfer their holdings.
What's more, the phishing domain associated with the fraudulent add-on is still live.
Hacks and scams remain prevalent in the cryptocurrency industry. As reported by U.Today, Bitcoin.org, the very first Bitcoin website that was registered by Satoshi Nakamoto, suffered a security breach four days ago.
Earlier this month, a fake YouTube stream of Apple's annual event promoting a Bitcoin giveaway reached roughly 170,000 viewers before it was shut down.
Dan Burgin
Vladislav Sopov
U.Today Editorial Team